Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(325)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/quic_crypto_client_config.cc

Issue 2130103002: Landing Recent QUIC changes until 2016-07-02 02:45 UTC (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/quic_crypto_client_config.h ('k') | net/quic/crypto/quic_crypto_client_config_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/quic_crypto_client_config.h" 5 #include "net/quic/crypto/quic_crypto_client_config.h"
6 6
7 #include <memory> 7 #include <memory>
8 8
9 #include "base/metrics/histogram_macros.h" 9 #include "base/metrics/histogram_macros.h"
10 #include "base/stl_util.h" 10 #include "base/stl_util.h"
(...skipping 395 matching lines...) Expand 10 before | Expand all | Expand 10 after
406 it != cached_states_.end(); ++it) { 406 it != cached_states_.end(); ++it) {
407 it->second->Clear(); 407 it->second->Clear();
408 } 408 }
409 } 409 }
410 410
411 void QuicCryptoClientConfig::FillInchoateClientHello( 411 void QuicCryptoClientConfig::FillInchoateClientHello(
412 const QuicServerId& server_id, 412 const QuicServerId& server_id,
413 const QuicVersion preferred_version, 413 const QuicVersion preferred_version,
414 const CachedState* cached, 414 const CachedState* cached,
415 QuicRandom* rand, 415 QuicRandom* rand,
416 bool demand_x509_proof,
416 QuicCryptoNegotiatedParameters* out_params, 417 QuicCryptoNegotiatedParameters* out_params,
417 CryptoHandshakeMessage* out) const { 418 CryptoHandshakeMessage* out) const {
418 out->set_tag(kCHLO); 419 out->set_tag(kCHLO);
419 out->set_minimum_size(kClientHelloMinimumSize); 420 out->set_minimum_size(kClientHelloMinimumSize);
420 421
421 // Server name indication. We only send SNI if it's a valid domain name, as 422 // Server name indication. We only send SNI if it's a valid domain name, as
422 // per the spec. 423 // per the spec.
423 if (CryptoUtils::IsValidSNI(server_id.host())) { 424 if (CryptoUtils::IsValidSNI(server_id.host())) {
424 out->SetStringPiece(kSNI, server_id.host()); 425 out->SetStringPiece(kSNI, server_id.host());
425 } 426 }
426 out->SetValue(kVER, QuicVersionToQuicTag(preferred_version)); 427 out->SetValue(kVER, QuicVersionToQuicTag(preferred_version));
427 428
428 if (!user_agent_id_.empty()) { 429 if (!user_agent_id_.empty()) {
429 out->SetStringPiece(kUAID, user_agent_id_); 430 out->SetStringPiece(kUAID, user_agent_id_);
430 } 431 }
431 432
432 char proof_nonce[32];
433 rand->RandBytes(proof_nonce, arraysize(proof_nonce));
434 out->SetStringPiece(kNONP, StringPiece(proof_nonce, arraysize(proof_nonce)));
435
436 // Even though this is an inchoate CHLO, send the SCID so that 433 // Even though this is an inchoate CHLO, send the SCID so that
437 // the STK can be validated by the server. 434 // the STK can be validated by the server.
438 const CryptoHandshakeMessage* scfg = cached->GetServerConfig(); 435 const CryptoHandshakeMessage* scfg = cached->GetServerConfig();
439 if (scfg != nullptr) { 436 if (scfg != nullptr) {
440 StringPiece scid; 437 StringPiece scid;
441 if (scfg->GetStringPiece(kSCID, &scid)) { 438 if (scfg->GetStringPiece(kSCID, &scid)) {
442 out->SetStringPiece(kSCID, scid); 439 out->SetStringPiece(kSCID, scid);
443 } 440 }
444 } 441 }
445 442
446 if (!cached->source_address_token().empty()) { 443 if (!cached->source_address_token().empty()) {
447 out->SetStringPiece(kSourceAddressTokenTag, cached->source_address_token()); 444 out->SetStringPiece(kSourceAddressTokenTag, cached->source_address_token());
448 } 445 }
449 446
447 if (!demand_x509_proof) {
448 return;
449 }
450
451 char proof_nonce[32];
452 rand->RandBytes(proof_nonce, arraysize(proof_nonce));
453 out->SetStringPiece(kNONP, StringPiece(proof_nonce, arraysize(proof_nonce)));
454
450 if (disable_ecdsa_) { 455 if (disable_ecdsa_) {
451 out->SetVector(kPDMD, QuicTagVector{kX59R}); 456 out->SetVector(kPDMD, QuicTagVector{kX59R});
452 } else { 457 } else {
453 out->SetVector(kPDMD, QuicTagVector{kX509}); 458 out->SetVector(kPDMD, QuicTagVector{kX509});
454 } 459 }
455 460
456 if (common_cert_sets) { 461 if (common_cert_sets) {
457 out->SetStringPiece(kCCS, common_cert_sets->GetCommonHashes()); 462 out->SetStringPiece(kCCS, common_cert_sets->GetCommonHashes());
458 } 463 }
459 464
(...skipping 26 matching lines...) Expand all
486 const CachedState* cached, 491 const CachedState* cached,
487 QuicWallTime now, 492 QuicWallTime now,
488 QuicRandom* rand, 493 QuicRandom* rand,
489 const ChannelIDKey* channel_id_key, 494 const ChannelIDKey* channel_id_key,
490 QuicCryptoNegotiatedParameters* out_params, 495 QuicCryptoNegotiatedParameters* out_params,
491 CryptoHandshakeMessage* out, 496 CryptoHandshakeMessage* out,
492 string* error_details) const { 497 string* error_details) const {
493 DCHECK(error_details != nullptr); 498 DCHECK(error_details != nullptr);
494 499
495 FillInchoateClientHello(server_id, preferred_version, cached, rand, 500 FillInchoateClientHello(server_id, preferred_version, cached, rand,
496 out_params, out); 501 /* demand_x509_proof= */ true, out_params, out);
497 502
498 const CryptoHandshakeMessage* scfg = cached->GetServerConfig(); 503 const CryptoHandshakeMessage* scfg = cached->GetServerConfig();
499 if (!scfg) { 504 if (!scfg) {
500 // This should never happen as our caller should have checked 505 // This should never happen as our caller should have checked
501 // cached->IsComplete() before calling this function. 506 // cached->IsComplete() before calling this function.
502 *error_details = "Handshake not ready"; 507 *error_details = "Handshake not ready";
503 return QUIC_CRYPTO_INTERNAL_ERROR; 508 return QUIC_CRYPTO_INTERNAL_ERROR;
504 } 509 }
505 510
506 StringPiece scid; 511 StringPiece scid;
(...skipping 480 matching lines...) Expand 10 before | Expand all | Expand 10 after
987 } 992 }
988 993
989 // Update canonical version to point at the "most recent" entry. 994 // Update canonical version to point at the "most recent" entry.
990 canonical_server_map_[suffix_server_id] = server_id; 995 canonical_server_map_[suffix_server_id] = server_id;
991 996
992 server_state->InitializeFrom(*canonical_state); 997 server_state->InitializeFrom(*canonical_state);
993 return true; 998 return true;
994 } 999 }
995 1000
996 } // namespace net 1001 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/quic_crypto_client_config.h ('k') | net/quic/crypto/quic_crypto_client_config_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698